CVSS: 8.8EPSS: 0%CPEs: 4EXPL: 0CVE-2022-43645 – D-Link DIR-825/EE xupnpd IVI Plugin Command Injection Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2022-43645
This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DIR-825 1.0.9/EE routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the IVI plugin for the xupnpd service, which listens on TCP port 4044. The issue results from the lack of proper validation of a user-supplied string before using it to execute a system call. An attacker can leverage this vulnerability to execute code in the context of the admin user. • https://supportannouncement.us.dlink.com/announcement/publication.aspx?name=SAP10319 https://www.zerodayinitiative.com/advisories/ZDI-22-1704 • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •
CVSS: 8.8EPSS: 0%CPEs: 4EXPL: 0CVE-2022-43642 – D-Link DIR-825/EE xupnpd YouTube Plugin Command Injection Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2022-43642
This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DIR-825 1.0.9/EE routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the YouTube plugin for the xupnpd service, which listens on TCP port 4044. The issue results from the lack of proper validation of a user-supplied string before using it to execute a system call. An attacker can leverage this vulnerability to execute code in the context of the admin user. • https://supportannouncement.us.dlink.com/announcement/publication.aspx?name=SAP10319 https://www.zerodayinitiative.com/advisories/ZDI-22-1701 • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •
CVSS: 9.9EPSS: 0%CPEs: 2EXPL: 1CVE-2022-46642
https://notcve.org/view.php?id=CVE-2022-46642
D-Link DIR-846 A1_FW100A43 was discovered to contain a command injection vulnerability via the auto_upgrade_hour parameter in the SetAutoUpgradeInfo function. • https://github.com/CyberUnicornIoT/IoTvuln/blob/main/d-link/dir-846/D-Link%20dir-846%20SetAutoUpgradeInfo%20command%20injection%20vulnerability.md https://www.dlink.com/en/security-bulletin • CWE-77: Improper Neutralization of Special Elements used in a Command ('Command Injection') •
CVSS: 7.2EPSS: 0%CPEs: 2EXPL: 0CVE-2022-46560
https://notcve.org/view.php?id=CVE-2022-46560
D-Link DIR-882 DIR882A1_FW130B06, DIR-878 DIR_878_FW1.30B08 was discovered to contain a stack overflow via the Password parameter in the SetWan2Settings module. Se descubrió que D-Link DIR-882 DIR882A1_FW130B06, DIR-878 DIR_878_FW1.30B08 contenía un desbordamiento de pila a través del parámetro Password en el módulo SetWan2Settings. • https://hackmd.io/%400dayResearch/SetWan2Settings_l2tp https://hackmd.io/%400dayResearch/SetWan2Settings_pppoe https://hackmd.io/%400dayResearch/SetWan2Settings_pptp https://hackmd.io/%400dayResearch/rkXr4BQPi https://www.dlink.com/en/security-bulletin • CWE-787: Out-of-bounds Write •
CVSS: 7.2EPSS: 0%CPEs: 2EXPL: 0CVE-2022-46570
https://notcve.org/view.php?id=CVE-2022-46570
D-Link DIR-882 DIR882A1_FW130B06, DIR-878 DIR_878_FW1.30B08 was discovered to contain a stack overflow via the Password parameter in the SetWan3Settings module. Se descubrió que D-Link DIR-882 DIR882A1_FW130B06, DIR-878 DIR_878_FW1.30B08 contenía un desbordamiento de pila a través del parámetro Password en el módulo SetWan3Settings. • https://hackmd.io/%400dayResearch/SetWan3Settings_l2tp https://hackmd.io/%400dayResearch/SetWan3Settings_pppoe https://hackmd.io/%400dayResearch/SetWan3Settings_pptp https://hackmd.io/%400dayResearch/r1zsTSmDs https://www.dlink.com/en/security-bulletin • CWE-787: Out-of-bounds Write •